Researchers from SentinelOne and Censys, reporting to Reuters after a 293-day study, found thousands of internet-exposed open-source LLM deployments susceptible to takeover and misuse. They observed visible system prompts in roughly 25% of deployments, with 7.5% potentially enabling harmful activity, and noted about 30% of hosts reside in China and 20% in the U.S. The findings underscore gaps in guardrails and the need for shared mitigation responsibilities.
Key Points
- Researchers found thousands of internet-exposed open-source LLM deployments, many with removed or absent guardrails
- System prompts were visible, and 7.5% of inspected instances could enable harmful activities such as disinformation
- Practitioners must secure self-hosted models, monitor exposures, and apply mitigation tooling and documentation
Scoring Rationale
Strong industry-scale evidence of insecure, internet-exposed open-source LLM deployments, supported by reputable firms but lacking academic peer review.